|
269451
|
7.5 |
HIGH
Network
|
zyxel
|
usg50_firmware
nwa3560-n_firmware
|
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets.
|
CWE-399
Resource Management Errors
|
CVE-2016-10227
|
2024-11-21 11:43 |
2017-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269452
|
9.8 |
CRITICAL
Network
|
zabbix
|
zabbix
|
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
|
CWE-89
SQL Injection
|
CVE-2016-10134
|
2024-11-21 11:43 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269453
|
7.8 |
HIGH
Local
|
nagios
|
nagios
|
Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-10089
|
2024-11-21 11:43 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269454
|
5.4 |
MEDIUM
Network
|
bigtreecms
|
bigtree_cms
|
An issue was discovered in BigTree CMS before 4.2.15. The vulnerability exists due to insufficient filtration of user-supplied data in the "id" HTTP GET parameter passed to the "core/admin/adjax/dash…
|
CWE-284
Improper Access Control
|
CVE-2016-10223
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269455
|
7.2 |
HIGH
Network
|
sauter-controls
|
novaweb_web_hmi
|
An issue was discovered in Sauter NovaWeb web HMI. The application uses a protection mechanism that relies on the existence or values of a cookie, but it does not properly ensure that the cookie is v…
|
CWE-254
7PK - Security Features
|
CVE-2016-10224
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269456
|
7.5 |
HIGH
Network
|
ikiwiki
|
ikiwiki
|
ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote a…
|
CWE-284
Improper Access Control
|
CVE-2016-10026
|
2024-11-21 11:43 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269457
|
6.1 |
MEDIUM
Network
|
sivann
|
it_items_database
|
An issue was discovered in IT ITems DataBase (ITDB) through 1.23. The vulnerability exists due to insufficient filtration of user-supplied data in the "value" HTTP POST parameter passed to the "itdb-…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10216
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269458
|
6.1 |
MEDIUM
Network
|
fastspot
|
bigtree-form-builder
|
An issue was discovered in Fastspot BigTree bigtree-form-builder before 1.2. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP POST parameters passed to a…
|
CWE-79
Cross-site Scripting
|
CVE-2016-10215
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269459
|
7.5 |
HIGH
Network
|
gstreamer_project
|
gstreamer
|
The qtdemux_tag_add_str_full function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10199
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269460
|
5.5 |
MEDIUM
Local
|
gstreamer_project
|
gstreamer
|
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and …
|
CWE-125
Out-of-bounds Read
|
CVE-2016-10198
|
2024-11-21 11:43 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
